New Critical RCE Bug discovered Magento Open Source

130
New Critical RCE Bug discovered Magento Open Source-01

Adobe has updated its latest off-band safety tips to add another critical distraction, while researchers released a PoC of the one they fixed last weekend.

Another zero-day distraction was also found on the Magento Open Source and Adobe Commerce platforms, while researchers created an active exploitation of conceptual evidence (PoC) due to the recently registered CVE-2022-24086 protests that triggered active attacks again. Forced Adobe to release an emergency fixed last weekend.

Attackers can use any exploitation to get remote coding (RCE) from an unauthorized user. The new, detailed version on Thursday has the same level of durability given to its predecessor, Adobe which was amended in Feb. 13. It is tracked as CVE-2022-24087 and similarly rated 9.8 in the CVSS exposure scoring system.

Read More: https://threatpost.com/new-critical-rce-bug-found-in-adobe-commerce-magento/178554/